MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

[threat-actors] Add ResumeLooters

pull/937/head
Mathieu4141 2024-02-20 05:22:25 -08:00
parent 6ddf39e1ae
commit d3f5a26ec0
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
clusters/threat-actor.json
View File

@ -15208,6 +15208,16 @@
},
"uuid": "c74f78d1-3728-4bb9-b84f-0e46d2e870b2",
"value": "ProCC"
},
{
"description": "Since the beginning of 2023, ResumeLooters have been able to compromise at least 65 websites. The group employs a variety of simple techniques, including SQL injection and XSS. The threat actor attempted to insert XSS scripts into all available forms, aiming to execute it on the administrators device to obtain admin credentials. While the group was able to execute the XSS script on some visitors devices with administrative access, allowing ResumeLooters to steal the HTML code of the pages the victims were visiting, Group-IB did not find any confirmation of admin credential thefts.",
"meta": {
"refs": [
"https://www.group-ib.com/blog/resumelooters/"
]
},
"uuid": "76dbe26b-8b39-40f5-bc2b-9620004f388e",
"value": "ResumeLooters"
}
],
"version": 301